NotCVE - vendor:"Hp" product:"Business Process Monitor" version:"09.22"

3 results (0.010 seconds)

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2017-5801

https://notcve.org/view.php?id=CVE-2017-5801

A Remote Unauthorized Access to Data vulnerability in HPE Business Process Monitor version v09.2x, v09.30 was found. Se ha encontrado una vulnerabilidad de acceso remoto no autorizado a datos en HPE Business Process Monitor v09.2x y v09.30. • http://www.securityfocus.com/bid/97386 http://www.securitytracker.com/id/1038176 https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbgn03727en_us • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 10.0EPSS: 1%CPEs: 2EXPL: 0

CVE-2013-4804

https://notcve.org/view.php?id=CVE-2013-4804

CVSS: 10.0EPSS: 18%CPEs: 2EXPL: 0

CVE-2013-2366 – HP Business Process Monitor tp_bpm_admin.exe Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2013-2366

Unspecified vulnerability in HP Business Process Monitor 9.13.1 patch 1 and 9.22 patch 1 allows remote attackers to execute arbitrary code and obtain sensitive information via unknown vectors, aka ZDI-CAN-1802. Vulnerabilidad no especificada en HP Business Process Monitor 9.13.1 parche 1, y 9.22 parche 1 permite a atacantes remotos ejecutar código de forma arbitraria y obtener información sensible a través de vectores desconocidos, tambien conocido como ZDI-CAN-1802. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Business Process Monitor. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of requests to the tp_bpm_admin.exe server which listens by default on TCP port 2696. This server exposes file upload functionality that is vulnerable to a directory traversal. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03844594 •